They could have used something like wbtc, to bridge the bitcoin to Ethereum and then swap to eth to run it through tornado. But wbtc is a custodial wrapping service that would require kyc. There are other wrapping services that don't, but they have nowhere near that much liquidity on Ethereum to execute the trade to eth needed to run it through tornado.
The other problem is that tornado has limited liquidity itself. At the moment there is about $500M USD worth of eth in tornado. You would do yourself no good to dump a large multiple of that into the pool all at once.
Good points! Thorchain (a non-custodial service) claims 1.9B total swap volume. So, while not viable today for billions of dollars, the Bitcoin -> Thorchain -> Tornado Cash pathway seems to be viable for smaller amounts. Which doesn't necessarily bode well for recovering stolen bitcoin (and other crypto) in the future.
A thief still has to figure out how to convert crypto to fiat. But I am assuming that there are jurisdictions where this is possible without KYC.
I was thinking that there are probably thresholds that trigger alarms when large amounts of crypto are converted to fiat. If crypto is coming from a clean address, there is not evidence of illegal activity. But there is still the question of where those funds originated. So I am not sure if government entities can seize those assets...
That was my first question as well. But for someone who stores private keys of coins worth billions of dollars on google drive, I don't think using a mixer was a big concern.
They couldn't even bother to use strong encryption on the file of private keys. Crypto 101: never store private keys online.
Another possibility is Ironfish (https://ironfish.network/), but I don't know how much liquidity there exists in either of these. I don't think you could launder/hide $4bn through either of these. Perhaps slowly over a long period of time.
Ironfish is just a testnet so there is zero liquidity there because it isn't even launched.
Tornado cash has about $700mm right now deposited in it, with the vast majority of that being in the 100 ETH deposit pool.
They absolutely could have done it over time. They could have bridged the Bitcoin using the RenVM protocol to receive renBTC, done a combination of selling the renBTC and let arbitrageurs provide the liquidity as the couple would have had to sell a little below market. They could then deposit the ETH in Tornado.cash. Simultaneously to speed things up, they could have deposited the renBTC into an onchain staking protocol to borrow against it, using the borrowed proceeds as their liquidity, and possibly even just forgetting about the collateral and letting the protocol take it eventually.
Even though they would be a large part of the Tornado.cash pool, it would actually only be "for now" because there are several other heists of large sizes that are turned away from Tornado.cash because it is too small. So liquidity begets liquidity. I would contend that even if they had become 60% of the pool, boosting its size to $1.5bn, that it would have attracted many more deposits, I could see Tornado.cash being a $3bn pool by now, given the size of heists that I know of.
Tornado.cash of course is not good enough to reintegrate back into the economy, under your name. So then they could have employed the reintegration.
With clean money they earned from salary, they could have created a random token on the Ethereum network, let's call it SHIBA INU (SHIB), made sure to keep a bunch of the tokens for themselves, and then withdrawn tornado cash notes to 100,000 addresses which programmatically bought SHIB, and pumped the token 52885982.4% and just been a lucky trader that cashes out with long term capital gains they pay. They would have had many more billions doing that.
It's too bad that people could try to throw a "conspiracy to commit" charge at me too, the moment I use Tornado Cash or launch an erc20 token now, but it's more important to me that my speech isn't chilled so that you all can have a better discussion about it.
An excellent overview of how the crypto ecosystem glues together. Also a shame that understanding and explaining how these technologies can be (and probably are!) used together leads to accusations of criminal past or intentions.
I have a question: is it possible to write scripts to do the above automatically? Or does it have to be a manual process?
Few people understand the ecosystem thoroughly (I admit that I do not), so few people can implement the manual process properly. One mistake equals 0 privacy.
Also, would they be allowed to use renVM since everyone knew that these accounts contained bad bitcoin?
It is possible to write scripts to do this automatically, with randomized activity.
There is a push for more and more permissionless bridges. All the bridge builders and their communities shy away from that obvious discussion because they do host and earn basis points from any crypto that passes over the bridge, even if it is obviously from a heist. It would put a bridge, especially that bridge, in a tough spot if these hackers did too much too soon, the hackers would have needed to be watching bridge technology and from this indictment it just looks like they weren't.
I don't understand why you are being so aggressive. This is a post about news on laundering crypto. I am aware of a technology that seems to cater to that use case.
I would assume that it's because your comment reads like an advertisement, since it name-drops (and links to) a specific mixer rather than just saying "It seems that a coin mixer could have been used..." Is there anything novel about this particular mixer? If not, why link to this one specifically?
- Laundering happened before Tornado Cash existed, so Tornado Cash was not used
- They used something like Tornado Cash, but the funds were still traceable